Higher Education ...
Follow
Find
4.8K views | +2 today
Higher Education & Information Security
Information Security and Cybersecurity in Higher Education
Your new post is loading...
Your new post is loading...
Scooped by Higher Ed InfoSec Council
Scoop.it!

Companies 'Won't have a Choice' About Using Big Data for ID Management

Companies 'Won't have a Choice' About Using Big Data for ID Management | Higher Education & Information Security | Scoop.it
Enterprises will be forced to invest in Big Data technologies to monitor employee behavior in order to better control remote access to company systems, which is becoming a problem thanks to the ongoing surge in consumerization.

 

"Companies will start collecting user data to conduct real-time risk based analyses.


Bulpett provided the example of an employee that logs on at 3am from an unknown IP address, which based on the user's past behaviour could be identified as unusual, and so an algorithm run by the company would then lock that user out."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Information Security Education
Scoop.it!

Cisco chief: companies need to upgrade "antiquated" security systems

Cisco chief: companies need to upgrade "antiquated" security systems | Higher Education & Information Security | Scoop.it

"Any forward-thinking enterprise wants to embrace the latest technologies to enhance productivity in its day-to-day operations, and industry bosses are becoming far more open to concepts like BYOD, cloud computing, and social media. But is this modernist approach to functionality reflected in the security policy of businesses?


Chris Young, Senior Vice President of Security and Government at US giant Cisco, thinks not. Young was speaking to a select press audience including ITProPortal as Cisco hosted a special roundtable discussion in London, and the security chief repeatedly condemned the outdated “castle and moat” mentality of so many organisations."


Via Justyna LaPay
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Who Holds IT Security Power? [Slideshow]

Who Holds IT Security Power? [Slideshow] | Higher Education & Information Security | Scoop.it

Power — it’s about industry influence or setting security standards or breaking into networks or defending them. From Apple, to Symantec and Anonymous, these are some of the most powerful and influential groups operating in the information security world today.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Security Awareness & Communication in the C-Suite [Webinar]

Security Awareness & Communication in the C-Suite [Webinar] | Higher Education & Information Security | Scoop.it

Now available: The recording and slides from Dave Cullinane's EDUCAUSE Live! webinar, "Security Awareness and Communication in the C-Suite." 

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

GhostShell university hack: By the numbers | ZDNet

GhostShell university hack: By the numbers | ZDNet | Higher Education & Information Security | Scoop.it
Summary: Yesterday, hacktivist group GhostShell claimed to have breached 100 top university servers, releasing 120,000 records. But how much information was sensitive?

 

"Records stolen from university databases including the University of Michigan, New York University, Princeton and Harvard were made publicly available yesterday, after hacker group leader 'DeadMellox' tweeted a link to the release posted on Pastebin.

 

The group claimed to have released just a fraction of what they managed to obtain in campaign "Project WestWind", but it still apparently amounted to 120,000 sets of data.

 

GhostShell has cited tuition fees, political agendas, tough teaching regulations and job uncertainty for graduates as reasons for the campaign."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Decade of the CSO

Decade of the CSO | Higher Education & Information Security | Scoop.it
Looking back at 10 years of change and progress - and forward to what lies ahead...

 

"Security as a profession has come a long way in the last decade. This is not just noteworthy, it's also worth celebrating."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Presidential Proclamation -- National Cybersecurity Awareness Month, 2012 | The White House

Presidential Proclamation -- National Cybersecurity Awareness Month, 2012 | The White House | Higher Education & Information Security | Scoop.it

President Obama makes proclamation declaring October 2012 as National Cyber Security Awareness Month (NCSAM).

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

NCSAM Social Media Status Updates - One for Each Day in October

NCSAM Social Media Status Updates - One for Each Day in October | Higher Education & Information Security | Scoop.it

Join the social media community and raise awareness about online safety and security during National Cyber Security Awareness Month (NCSAM) this month.

 

Use the following messages for your social network status updates - one for each day of the month! You can also download a PDF version of this document.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

A minefield of legal risks come with “bring your own device” policies

A minefield of legal risks come with “bring your own device” policies | Higher Education & Information Security | Scoop.it

"...BYOD comes with a minefield of legal questions and risks: How do we prevent trade secrets and client lists from getting leaked if an employee loses his or her phone? How do we keep personal information about workers — bank accounts, Social Security numbers, spending habits — secure? What happens if a personal cellphone infected with a virus gets integrated into the company network? To what degree can a company monitor the searches and personal contacts of their employees?"

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Social engineering: Using social media to launch a cyberattack

Social engineering: Using social media to launch a cyberattack | Higher Education & Information Security | Scoop.it

Hackers penetrate secure networks by attacking the weakest links in cyberspace: human beings. In this example, a hacker targets an intelligence contractor. 

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Take Action During National Cyber Security Awareness Month 2012

Take Action During National Cyber Security Awareness Month 2012 | Higher Education & Information Security | Scoop.it

"During NCSAM and beyond, the Stop.Think.Connect.Campaign encourages you to ACT – Achieve Cybersecurity Together – to help ensure everyone understands their role in safeguarding and securing cyberspace, recognizes how to protect themselves and their online interests, and knows who to contact if compromised online.

 

Get involved this October and ACT to spread cybersecurity awareness in your community. It doesn’t matter if you can spare an hour or a year on cybersecurity, because even small efforts can make a big difference."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

7 common risk management mistakes

7 common risk management mistakes | Higher Education & Information Security | Scoop.it

Faulty statistical methods and other common errors that can trip up your program.

 

"Executives know they face risks, but they often don't know which risks are real, or what that exposure means to their business.

The aim of security risk management is to remove the guesswork and help the business make smarter decisions.

 

Unfortunately, many experts believe that most companies aren't quite there yet and that their efforts, while well-meaning, fall short and may even incorporate bad habits that can increase an organization's risk."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Just How Hackable is Your Digital Life?

Just How Hackable is Your Digital Life? | Higher Education & Information Security | Scoop.it

"When Wired News reporter Mat Honan had his digital life hacked and subsequently, virtually wiped outin August, the significant loss of data he endured wasn't the scariest part of the experience. Much more terrifying was the method by which hackers drilled into his digital accounts...

 

If a hacker wanted to ruin your life whether by identity theft or by a simple Honan-esque data wipehow difficult would that objective be to achieve? The answer is that it's likely a lot easier than you think.

Are you an easy target?"

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

University hack: Not much dialogue, but lots of attention for hacker group

University hack: Not much dialogue, but lots of attention for hacker group | Higher Education & Information Security | Scoop.it

"Perhaps stealing personal information from major universities is not the best way to start a serious dialogue on the problems of higher education. But the hacker group TeamGhostShell's recent dump of records hacked from 100 major universities throughout the world clearly got their attention -- and the security community's."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

National Cybersecurity Awareness Only Gets a Month?

National Cybersecurity Awareness Only Gets a Month? | Higher Education & Information Security | Scoop.it

"In case you were not aware, October is National Cyber Security Awareness Month, an initiative designed to “engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity.”

 

In a perfect world, we would not stress this awareness for one month only. Awareness should be a constant, ongoing effort. However, since the DHS is making this a point of emphasis, why don’t we use this opportunity to focus on an a Security Awareness Program."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Protecting the Internet [Infographic]

Protecting the Internet [Infographic] | Higher Education & Information Security | Scoop.it

October is National Cyber Security Awareness Month (NCSAM)

Protecting the Internet is a Shared Responsibility Infographic

 

via NCSA (StaySafeOnline.org)

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

In security response, practice makes perfect

In security response, practice makes perfect | Higher Education & Information Security | Scoop.it

"We've heard it many times in many forms -- expect to be breached, expect that you've been breached, expect that you are being breached.

 

The unfortunate reality is that most organizations don't even know that they've been compromised and therefore don't do anything to block spreading of the malware, control the damage, prevent loss of information, or even recover from the technical problems associated with the compromise."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Students Will Be Doing Vulnerability Tests on Security Products at Iowa State University's New Lab

Students Will Be Doing Vulnerability Tests on Security Products at Iowa State University's New Lab | Higher Education & Information Security | Scoop.it

"Iowa State University (ISU) is setting up a product-security test and evaluation lab where university students will be assessing network security products' strengths and weaknesses in a formal program supervised by faculty and a newly-named lab director. 

 

'We have a large pool of students interested in cybersecurity,' says Dr. Doug Jacobson, director of ISU's Information Assurance Center, about the new security test facility, which he will oversee and that is being called the Information Systems Security Laboratory (ISSL)."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

State of the CSO 2012: Ready for Anything

State of the CSO 2012: Ready for Anything | Higher Education & Information Security | Scoop.it

The 2012 State of the CSO survey shows progress toward a deeper level of business understanding and a wider knowledge of risk management

 

"The saying goes that in every crisis, there is an opportunity. Compliance requirements, data and privacy demands, and the threat landscape are constantly evolving, forcing companies to realize the importance of security and invest accordingly. As security concerns expand, so does the role of the security leader.

 

[The] annual State of the CSO survey finds a continuation of a two-part trend that we have been tracking for many years: First, there is more awareness of security and risk among companies, and second, in response, many organizations are using more formal enterprise risk management (ERM) programs. These policies, processes, methods, metrics and measurements help shape the strategic decisions for their organization. The goal is to make security strategy both targeted and holistic, proactive and defensive."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

College Administrators: What You Can Do to Participate in NCSAM

College Administrators: What You Can Do to Participate in NCSAM | Higher Education & Information Security | Scoop.it

Whether used for class assignments, data collection, or routine communication, the Internet is a critical resource for today’s higher-education community—and as a college administrator, you can play an essential role in ensuring that this digital resource remains safe and secure at your college or university.

 

A great place to start is by participating in National Cyber Security Awareness Month, held in October 2012. Even if you have just one hour to devote to this nationwide observance or decide to make a larger time commitment, you’ll be sure to find at least one activity from the list below that can make a big difference! What You Can Do…

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

A Serious Security Flaw Lets Hackers Steal Your Twitter Account

A Serious Security Flaw Lets Hackers Steal Your Twitter Account | Higher Education & Information Security | Scoop.it

"Do you have a highly coveted Twitter handle? You should probably change your password. One user, Daniel Dennis Jones,—who formerly went by @blanket—has uncovered a very serious flaw that lets hackers crack your account and put it up for sale...

 

You can read Daniel's entire tale on Storify. It's a good reminder that you should be changing your passwords regularly to protect yourself from losing any ounce of your digital life."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

What is the least common PIN number?

What is the least common PIN number? | Higher Education & Information Security | Scoop.it
A detailed analysis of four character PIN codes...

 

"There are 10,000 possible combinations that the digits 0-9 can be arranged to form a 4-digit pin code. Out of these ten thousand codes, which is the least commonly used? Which of these pin codes is the least predictable? Which of these pin codes is the most predictable?

 

If you were given the task of trying to crack a random credit card by repeatedly trying PIN codes, what order should you try guessing to maximize your chances of selecting the correct number in the shortest time? If you had to make predication about what the least commonly used 4-digit PIN is, what would be your guess?"

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Identity crisis: how Social Security numbers became our insecure national ID

Identity crisis: how Social Security numbers became our insecure national ID | Higher Education & Information Security | Scoop.it

The SSN-as-ID thing has got to stop. How did we get here, and can we get out?

 

"Last week, the White House announced $9 million in funding for five pilot projects as part of its National Strategy for Trusted Identities in Cyberspace initiative, a federal effort to establish a secure, universal online identity ecosystem led by the private sector.

Critics say any kind of top-down identification system would be a security risk and an encroachment on civil rights. But the fact is that the United States already has a universal ID: the unique nine-digit number issued to US citizens and residents by the Social Security Administration, which has turned out to be no less than a gift to identity thieves. While Social Security numbers work pretty well for tracking Social Security, they weren't designed to be secure.

 

Americans are reluctant to institute a national ID. But in the absence of one, the market adopted a poor substitute — and the millions of Social Security numbers for sale online for cheaper than a cup of coffee is one of the consequences of that disastrous indecision."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

5 (more) key cloud security issues

5 (more) key cloud security issues | Higher Education & Information Security | Scoop.it
Getting the maximum possible business benefit out of cloud computing requires diligent security. How are you handling these five challenges?

1 Internal clouds are not inherently secure.

2 Companies lack security visibility and risk awareness.

3 Sensitive information needs safer storage.

4 Apps aren't secure.

5 Authentication and authorization must be more robust.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Cloud Security Alliance set to unleash 20-plus research and guidance reports

Cloud Security Alliance set to unleash 20-plus research and guidance reports | Higher Education & Information Security | Scoop.it

The Cloud Security Alliance plans to release more than 20 research and guidance reports at the upcoming annual CSA Congress Nov. 7 and 8 in Orlando. "Of note, the CSA is extending its industry-leading research efforts into mobile and big data as these technologies have become closely interrelated with cloud and security."

more...
No comment yet.